Risk, Architecture and Development in the SDLC

All companies increasingly depend upon business-to-business software applications to enhance operations, creating a broad range of risks in the process. These risks include security, availability, recoverability, performance, scalability, and compliance risks related to mission critical, internet facing systems. Many times, the primary cause of these risks is an absence of expertise and consideration of security and privacy during systems development. Previously unstructured implementations of risk mitigation measures in the systems development lifecycle lead to both over- and under-investment in development controls. Many companies claim to use a risk-based approach that incorporates cost-effective levels of risk mitigation commensurate with the corporations risk tolerance levels. The effort should use security architecture, structure within the systems development lifecycle and a proper coding program and training.


Read more ...

Operational Maturity using RIIOT

Operational Maturity Using RIIOT

The RIIOT Method – comprises five different approaches to data gathering and can be applied to the administrative, physical and technical areas and is a core underlying principle of any assessment activity.

  • Review Documents
  • Review documents for clarity
  • Review documents for content
  • Completeness
  • Correctness and Consistency
  • Record gaps

Read more ...

SWOT Services

Strengths - Weaknesses - Opportunities - Threats - SWOT

Many information security organizations struggle with creating a functional program that follows business requirements and stays true to business intent. Treadstone 71 can lead you through the process of performing a Strengths, Weaknesses, Opportunities and Threats (SWOT) analysis of your strategy and program. We will train your staff on how to perform a SWOT, execute the SWOT using existing program information, audit findings, policies, procedures and regulations.

Read more ...

Search Our Site

Treadstone 71 - We See What Others Cannot

The Cyber Intelligence Training delivered and created by Jeff Bardin adds rapid returns to both Cyber Intel Analysts, and Security Ops Centers.  Each student receives quality instruction and hands-on experience with today’s OSINT tools and intelligence tradecraft.  This is necessary for anyone new to Cyber Intelligence and complimentary to any Security Operations within your enterprise. This 4.5-day class provides the student with the resources and fundamentals needed to establish cyber intelligence as a force as both a proactive offensive step and a counter intelligence-contributing arm of your larger team.  – Antonio, 

Fortune 100 Company


Upcoming Classes

Current Courses (dates, locations, topics subject to change):
Cyber Intelligence Reston - October 2017 (October 16-20)

2018 Course Dates - Locations TBD
January 22-26 Cyber Intel - Amsterdam, NL

February 5-9 Cyber Intel - Tysons Corners Virginia
March 19-23 Cyber Intel - Chantilly Virginia
April 2-6 Cyber Intel - London, UK

April 30 – May 4 Cyber Counter - Los Angeles California

May 14-18 Cyber Intel - San Jose, CA
June 18-22 Cyber Intel - Reston, Virginia
Aug 13-17 Cyber Intel - Chicago, IL
Sep 17-21 - Cyber Intel - Boston, MA
Oct 15-19 Cyber Counter - Reston, VA
Nov 5-9 Cyber Intel - Denver, CO
Dec 3-7 Cyber Counter

Students and organizations taught (non-inclusively):

AIB, American Express, Capital One, Commonwealth Bank, Bank of America, ING, NCSC NL, Defense Security Services, PNY, Dell Secureworks, HPE Security, EclecticIQ, Darkmatter (AE), General Electric, General Motors, PNC, Sony, Goldman Sachs, NASA, DoD, East West Bank, Naval Air Warfare Center, VISA, USBank, Wyndham Capital, Egyptian Government, DNB Norway, Euroclear, Malaysian Cyberjaya, People's United Bank, Baupost Group, Bank of North Carolina, Fidelity Investments, Citi, Citigroup, T. Rowe Price, Wells Fargo, Discover, Blackknight Financial Services, Intercontinental Exchange (ICE), Citizens Financial Group, Scottrade, MetLife, NY Life, Synchrony Financial, TD Ameritrade, National Reconnaissance Office, FBI, Stellar Solutions, Lockheed Martin, Harvard Pilgrim, State of Florida, Deloitte, Ernst and Young, Mitsubishi, Tower Research, Geller & Company, KeyBank, Fannie Mae, BB&T, Aviation ISAC, JP Morgan Chase, Barclays, Nomura International, ING, Finance CERT Norway, BBVA, Santander, Bank of America, Equifax, BNY Mellon, OCC, Verizon, Vantiv, Bridgewater Associates, Bank of Canada, Credit Suisse, HSBC, International Exchange, Vista Equity Partners, Aetna, Betaalvereniging Nederland, non-inclusively (as well as several other firms by proxy as they hire qualified intelligence professionals trained by Treadstone 71).

Terms of Use - Privacy Policy - Course EULA

  Treadstone 71 Cyber Intelligence Services

  Treadstone 71 Expands Groundbreaking Services


Cyber Jihad - 2008-2011 Compilation Part 1


Cyber Jihad - 2008-2011 Compilation Part II


Iran Cyber Proxies and Capabilities 

Gaming as a Method of Jihadist Training








Treadstone 71 Cyber Intel Services / Training